HSEC-2023-0008 Stored XSS in hledger-web

Stored XSS in hledger-web An issue was discovered in hledger-web 1.23. A Stored Cross-Site Scripting XSS vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob function...

PT-2023-12608

Name of the Vulnerable Software and Affected Versions hledger versions prior to 1.23 hledger-web versions prior to 1.23 Description A Stored Cross-Site Scripting XSS issue exists in the toBloodhoundJson function, allowing an attacker to execute JavaScript by encoding user-controlled values in a...